Authorization Management is the Key to Smooth But Secure Payments
If you happen to be a fraudster, it’s likely that you are loving all the ways the industry is making it easier for people to pay. The less friction in a payment, the quicker the money moves, and the more opportunity you have to intersect with fraud and move the money away before anyone notices.
On our side of the battle, payments professionals face a daily challenge; how to balance easy access to payments and smooth transactions, with robust fraud defenses?
It’s no secret that with the new, fast and open payments ecosystem, a new set of fraud threats is materialising. Financial institutions and intermediaries are faced with an unprecedented range of technologies and form factors, thanks to the digital transformation of commerce. The system is increasingly fragmented, and to top it off, now we have to combat fraud in real-time.
It’s unsurprising that Card Not Present fraud is on the rise; overall transaction volumes of CNP are increasing as we adopt multiple payments services including mobile payments, digital wallets, social payments and more. That’s not even including the potential explosion in micro-payments from connected devices as the Internet of Things becomes an everyday reality.
Fraud prevention is like an arms-race - it might seem like this diversification of payments technology just means more potential avenues for fraudsters’ attacks. But at the same time they have been developing phishing, malware and bots, the payments industry has been investing in machine learning and AI, encryption and tokenisation, Multi-Factor and Knowledge Based Authentication.
Resilience in Real-Time
Now the next big challenge is developing robust security for immediate payments. Real-time payments require real-time fraud prevention. This begins pre-payment, with payments providers investing in message encryption, digital certificates, and data capture. In its first incarnation, immediate payments will be initiated by consumers and corporates. Merchants will join the immediate payments revolution later than their ecosystem partners. In a real-time world, it’s not enough to focus fraud prevention on just the payments experience. Fraud prevention has to be considered end-to-end in the same way as customer experience. Strong authentication will be a major factor in achieving a secure transaction—within an excellent customer experience.
Finding the friction sweet spot
In the new payments ecosystem, strong authentication will no longer be needed for each transaction. If it is performed once, then payments to known receivers can flow freely. What will be key is authentication and authorisation management through monitoring relevant data. The implementation of global account numbers, predictive analytics, actionable alerting rules, and behavioural profiling will mean that authentication and authorisation can be streamlined to reduce unnecessary, repetitive checks. This will have positive impacts for merchants and their abandoned basket rates – a smoother purchasing process reduces customer drop-off.
The complication lies in balancing all the ways that customers want to pay...with security. Payments are open, with this openness being driven by consumer demand and regulators. PSD2 aims to drive open payments to encourage innovation in a traditionally staid industry. The mandate looks to support an open and secure payments ecosystem through its requirements for strong authentication. But PSD2’s goals for open banking will not succeed without frictionless authentication and a system of trust. The challenge for all financial institutions and intermediaries is to find just the right amount of friction for it to be smooth yetsecure. We want frictionless, but not so it feels like pickpocketing.
Find out more about how you can achieve frictionless fraud prevention with the latest eBook from our New Payments Ecosystem series: SECURE! How real-time and openness change the payment fraud ecosystem.
Related blog posts
The Growing Strategic Importance of Instant Payments [Webinar]
Financial institutions already recognize the potential of instant (or immediate) payments in the real-time, open banking landscape, however many are still determining the best path forward as they juggle new regulatory requirements and the evolving demands of customers.
How to Deliver on Customer Experience
Don’t Break the Bank – Building for the New Payments Ecosystem.
Contactless Turns Ten: The Shift to Contactless Universal Payments is Now Well Established
In September 2007, Barclaycard first introduced contactless payments to the UK. Ten years on, and many Brits would no longer want to live without a contactless card in their wallet. In fact, six out of ten Brits now pay with "touch and go," and according to the UK Cards Association 108 million contactless cards are in circulation in the UK, with volumes of transactions currently reaching £400 million per month.
Cómo los Ponibles están cambiando los pagos en Colombia [How Wearables Are Changing Payments in Colombia]
Available in Spanish and English
Thanks to the payment industry’s ongoing digital transformation and countless innovations adopted by banks, fintechs and retailers, it is now possible to make payments via bracelets, rings, watches, and even jackets—these are called Ponibles in Colombia. You know them as ‘Wearables.’
Pairing Payments Innovation with Security Needs in Southeast Asia
Many Asian governments – most notably those of Singapore and Hong Kong – have launched well-received initiatives to encourage collaboration rather than competition between the fintech start-up world and banks. This has enabled traditional banks to tap into the innovative solutions that fintechs offer, while the banks themselves bring to the table considerable experience with data, resilience, reliability and customer protection.
Getting a Gauge on Payment App Season
Dear Mark, this is a 100% true story (and a solid ‘Ranting’ to boot). As you know, I just returned from a lovely and relaxing vacation (or as our European colleagues call it, holiday). And as I got into my car this morning—for the first time in more than a week—I realized the gas tank was near-empty and that my low-tire indicator light was on… and I needed to get my daughter to camp en route to coming into the office.
You’d think this a minor inconvenience, right? Well…
API Stairway: The Five Steps to Open Payments
In my pre-EBAday rantings, I discussed Open APIs in the context of one of the greatest rock songs of all time (Stairway to Heaven, for the uninitiated). Waxing poetic about a topic is one thing, but marrying it to concrete steps is another. So, while our Stairway to Open API utopia was a nice background, it’s time to talk about the flights of stairs we’ll have to take to arrive at those pearly entry gates.
PSD2 Carries Over to the U.S. – Thanks to the Phone in Your Hand
Let me ask you a favor. Could you put down your phone for just a minute? Unless, of course, you’re reading this on your mobile device.
It can be an uphill battle asking someone to put down their phone these days. I have a tween, so I know the struggle! One of the reasons we’re so reticent to do so is the sheer power contained within these devices. At this point, it controls the music, the temperature, the locks and even the lighting in your home, and that’s not even touching on its entertainment value, or its capabilities as a payment device. The device, in its present form, has been around for ten years now, and in 2017, it’s safe to say there’s no going back.
Making Ubiquity A Reality: Real-Time Payments Pushes Ahead In The U.S.
As a member of the Faster Payments Task Force, an initiative of the Federal Reserve, I am pleased with the newly released report findings and the push to achieve the Federal Reserve’s Faster Payments call to action in just twenty-nine months from now; a payment system that is faster, ubiquitous, more inclusive, highly secure, and more efficient.
Assessing Same-day ACH In The New Era of Real-time Payments
The pace of payments has risen sharply in the U.S. since the introduction of same-day ACH in September 2016. Following the global movement towards immediate payments, the pace is set to pick up as real-time speed arrives through schemes such as The Clearing House (TCH) Real-time Payments System and Zelle networks.